

<!DOCTYPE html>
<html class="writer-html5" lang="en" >
<head>
  <meta charset="utf-8" />
  
  <meta name="viewport" content="width=device-width, initial-scale=1.0" />
  
  <title>飞前检查 &mdash; Ceph Documentation</title>
  

  
  <link rel="stylesheet" href="../../../_static/ceph.css" type="text/css" />
  <link rel="stylesheet" href="../../../_static/pygments.css" type="text/css" />
  <link rel="stylesheet" href="../../../_static/graphviz.css" type="text/css" />
  <link rel="stylesheet" href="../../../_static/css/custom.css" type="text/css" />

  
  
    <link rel="shortcut icon" href="../../../_static/favicon.ico"/>
  

  
  

  

  
  <!--[if lt IE 9]>
    <script src="../../../_static/js/html5shiv.min.js"></script>
  <![endif]-->
  
    
      <script type="text/javascript" id="documentation_options" data-url_root="../../../" src="../../../_static/documentation_options.js"></script>
        <script src="../../../_static/jquery.js"></script>
        <script src="../../../_static/underscore.js"></script>
        <script src="../../../_static/doctools.js"></script>
    
    <script type="text/javascript" src="../../../_static/js/theme.js"></script>

    
    <link rel="index" title="Index" href="../../../genindex/" />
    <link rel="search" title="Search" href="../../../search/" />
    <link rel="next" title="存储集群入门" href="../quick-ceph-deploy/" />
    <link rel="prev" title="安装 (ceph-deploy)" href="../" /> 
</head>

<body class="wy-body-for-nav">

   
  <header class="top-bar">
    

















<div role="navigation" aria-label="breadcrumbs navigation">

  <ul class="wy-breadcrumbs">
    
      <li><a href="../../../" class="icon icon-home"></a> &raquo;</li>
        
          <li><a href="../../">安装 Ceph</a> &raquo;</li>
        
          <li><a href="../">安装 (ceph-deploy)</a> &raquo;</li>
        
      <li>飞前检查</li>
    
    
      <li class="wy-breadcrumbs-aside">
        
          
            <a href="../../../_sources/install/ceph-deploy/quick-start-preflight.rst.txt" rel="nofollow"> View page source</a>
          
        
      </li>
    
  </ul>

  
  <hr/>
</div>
  </header>
  <div class="wy-grid-for-nav">
    
    <nav data-toggle="wy-nav-shift" class="wy-nav-side">
      <div class="wy-side-scroll">
        <div class="wy-side-nav-search"  style="background: #eee" >
          

          
            <a href="../../../">
          

          
            
            <img src="../../../_static/logo.png" class="logo" alt="Logo"/>
          
          </a>

          

          
<div role="search">
  <form id="rtd-search-form" class="wy-form" action="../../../search/" method="get">
    <input type="text" name="q" placeholder="Search docs" />
    <input type="hidden" name="check_keywords" value="yes" />
    <input type="hidden" name="area" value="default" />
  </form>
</div>

          
        </div>

        
        <div class="wy-menu wy-menu-vertical" data-spy="affix" role="navigation" aria-label="main navigation">
          
            
            
              
            
            
              <ul class="current">
<li class="toctree-l1"><a class="reference internal" href="../../../start/intro/">Ceph 简介</a></li>
<li class="toctree-l1 current"><a class="reference internal" href="../../">安装 Ceph</a><ul class="current">
<li class="toctree-l2"><a class="reference internal" href="../../#id1">建议的方法</a></li>
<li class="toctree-l2 current"><a class="reference internal" href="../../#id2">其他方法</a><ul class="current">
<li class="toctree-l3"><a class="reference internal" href="../../index_manual/">安装（手动）</a></li>
<li class="toctree-l3 current"><a class="reference internal" href="../">安装 (ceph-deploy)</a><ul class="current">
<li class="toctree-l4 current"><a class="current reference internal" href="#">Preflight</a></li>
<li class="toctree-l4"><a class="reference internal" href="../quick-ceph-deploy/">Storage Cluster Quick Start</a></li>
<li class="toctree-l4"><a class="reference internal" href="../../../start/quick-rbd/">Block Device Quick Start</a></li>
<li class="toctree-l4"><a class="reference internal" href="../quick-cephfs/">Filesystem Quick Start</a></li>
<li class="toctree-l4"><a class="reference internal" href="../quick-rgw/">Object Storage Quick Start</a></li>
<li class="toctree-l4"><a class="reference internal" href="../upgrading-ceph/">升级 Ceph</a></li>
<li class="toctree-l4"><a class="reference internal" href="../install-ceph-gateway/">    安装 Ceph 对象网关</a></li>
</ul>
</li>
</ul>
</li>
</ul>
</li>
<li class="toctree-l1"><a class="reference internal" href="../../../cephadm/">Cephadm</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../rados/">Ceph 存储集群</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../cephfs/">Ceph 文件系统</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../rbd/">Ceph 块设备</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../radosgw/">Ceph 对象网关</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../mgr/">Ceph 管理器守护进程</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../mgr/dashboard/">Ceph 仪表盘</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../api/">API 文档</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../architecture/">体系结构</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../dev/developer_guide/">开发者指南</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../dev/internals/">Ceph 内幕</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../governance/">项目管理</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../foundation/">Ceph 基金会</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../ceph-volume/">ceph-volume</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../releases/general/">Ceph 版本（总目录）</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../releases/">Ceph 版本（索引）</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../glossary/">Ceph 术语</a></li>
<li class="toctree-l1"><a class="reference internal" href="../../../translation_cn/">中文版翻译资源</a></li>
</ul>

            
          
        </div>
        
      </div>
    </nav>

    <section data-toggle="wy-nav-shift" class="wy-nav-content-wrap">

      
      <nav class="wy-nav-top" aria-label="top navigation">
        
          <i data-toggle="wy-nav-top" class="fa fa-bars"></i>
          <a href="../../../">Ceph</a>
        
      </nav>


      <div class="wy-nav-content">
        
        <div class="rst-content">
        
          <div role="main" class="document" itemscope="itemscope" itemtype="http://schema.org/Article">
           <div itemprop="articleBody">
            
<div id="dev-warning" class="admonition note">
  <p class="first admonition-title">Notice</p>
  <p class="last">This document is for a development version of Ceph.</p>
</div>
  <div id="docubetter" align="right" style="padding: 5px; font-weight: bold;">
    <a href="https://pad.ceph.com/p/Report_Documentation_Bugs">Report a Documentation Bug</a>
  </div>

  
  <div class="section" id="id1">
<h1>飞前检查<a class="headerlink" href="#id1" title="Permalink to this headline">¶</a></h1>
<p><code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 工具在一台管理<a class="reference internal" href="../../../glossary/#term-5"><span class="xref std std-term">节点</span></a>上的一个目录下完成所有操作。任何一台有网络、较新的 python 环境、和 ssh （如
Linux ）的主机都可以。</p>
<p>在下面的描述中<a class="reference internal" href="../../../glossary/#term-5"><span class="xref std std-term">节点</span></a>代表一台机器。</p>
<div class="section" id="ceph-deploy">
<h2>ceph-deploy 的安装<a class="headerlink" href="#ceph-deploy" title="Permalink to this headline">¶</a></h2>
<p>把 Ceph 仓库添加到 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 管理节点，然后安装
<code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 。</p>
<div class="section" id="debian-ubuntu">
<h3>Debian/Ubuntu<a class="headerlink" href="#debian-ubuntu" title="Permalink to this headline">¶</a></h3>
<p>在 Debian 和 Ubuntu 发行版上，可以执行下列步骤：</p>
<ol class="arabic">
<li><p>添加发布密钥：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">wget</span> <span class="o">-</span><span class="n">q</span> <span class="o">-</span><span class="n">O</span><span class="o">-</span> <span class="s1">&#39;https://download.ceph.com/keys/release.asc&#39;</span> <span class="o">|</span> <span class="n">sudo</span> <span class="n">apt</span><span class="o">-</span><span class="n">key</span> <span class="n">add</span> <span class="o">-</span>
</pre></div>
</div>
</li>
<li><p>添加 Ceph 软件包源，用稳定版 Ceph （如 <code class="docutils literal notranslate"><span class="pre">luminous</span></code> ）替换掉
<code class="docutils literal notranslate"><span class="pre">{ceph-stable-release}</span></code> ，然后运行命令。例如：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span>echo deb https://download.ceph.com/debian-{ceph-stable-release}/ $(lsb_release -sc) main | sudo tee /etc/apt/sources.list.d/ceph.list
</pre></div>
</div>
</li>
<li><p>更新你的仓库，而后安装 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> ：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">apt</span><span class="o">-</span><span class="n">get</span> <span class="n">update</span>
<span class="n">sudo</span> <span class="n">apt</span><span class="o">-</span><span class="n">get</span> <span class="n">install</span> <span class="n">ceph</span><span class="o">-</span><span class="n">deploy</span>
</pre></div>
</div>
</li>
</ol>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>你也可以从欧洲镜像 eu.ceph.com 下载软件包，只需把 <code class="docutils literal notranslate"><span class="pre">https://download.ceph.com/</span></code> 替换成 <code class="docutils literal notranslate"><span class="pre">http://eu.ceph.com/</span></code>
即可。</p>
</div>
</div>
<div class="section" id="rhel-centos">
<h3>RHEL/CentOS<a class="headerlink" href="#rhel-centos" title="Permalink to this headline">¶</a></h3>
<p>对于 CentOS 7 ，可执行下列步骤：</p>
<ol class="arabic">
<li><p>在 Red Hat Enterprise Linux 7 上，用 <code class="docutils literal notranslate"><span class="pre">subscription-manager</span></code>
注册主机，核对你的订阅，然后启用 Extras 软件库，以解决软件包依赖。例如：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">subscription</span><span class="o">-</span><span class="n">manager</span> <span class="n">repos</span> <span class="o">--</span><span class="n">enable</span><span class="o">=</span><span class="n">rhel</span><span class="o">-</span><span class="mi">7</span><span class="o">-</span><span class="n">server</span><span class="o">-</span><span class="n">extras</span><span class="o">-</span><span class="n">rpms</span>
</pre></div>
</div>
</li>
<li><p>安装并启用企业 Linux (EPEL) 附加软件包：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">yum</span> <span class="n">install</span> <span class="o">-</span><span class="n">y</span> <span class="n">https</span><span class="p">:</span><span class="o">//</span><span class="n">dl</span><span class="o">.</span><span class="n">fedoraproject</span><span class="o">.</span><span class="n">org</span><span class="o">/</span><span class="n">pub</span><span class="o">/</span><span class="n">epel</span><span class="o">/</span><span class="n">epel</span><span class="o">-</span><span class="n">release</span><span class="o">-</span><span class="n">latest</span><span class="o">-</span><span class="mf">7.</span><span class="n">noarch</span><span class="o">.</span><span class="n">rpm</span>
</pre></div>
</div>
<p>背景信息请参考 <a class="reference external" href="https://fedoraproject.org/wiki/EPEL">EPEL 百科</a>。</p>
</li>
<li><p>用下列命令，把 Ceph 软件库写入你的 yum 配置文件
<code class="docutils literal notranslate"><span class="pre">/etc/yum.repos.d/ceph.repo</span></code> 。用一个 Ceph 稳定版（例如
<code class="docutils literal notranslate"><span class="pre">luminous</span></code> ）替换掉 <code class="docutils literal notranslate"><span class="pre">{ceph-stable-release}</span></code> 。例如：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">cat</span> <span class="o">&lt;&lt;</span> <span class="n">EOM</span> <span class="o">&gt;</span> <span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">yum</span><span class="o">.</span><span class="n">repos</span><span class="o">.</span><span class="n">d</span><span class="o">/</span><span class="n">ceph</span><span class="o">.</span><span class="n">repo</span>
<span class="p">[</span><span class="n">ceph</span><span class="o">-</span><span class="n">noarch</span><span class="p">]</span>
<span class="n">name</span><span class="o">=</span><span class="n">Ceph</span> <span class="n">noarch</span> <span class="n">packages</span>
<span class="n">baseurl</span><span class="o">=</span><span class="n">https</span><span class="p">:</span><span class="o">//</span><span class="n">download</span><span class="o">.</span><span class="n">ceph</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">rpm</span><span class="o">-</span><span class="p">{</span><span class="n">ceph</span><span class="o">-</span><span class="n">stable</span><span class="o">-</span><span class="n">release</span><span class="p">}</span><span class="o">/</span><span class="n">el7</span><span class="o">/</span><span class="n">noarch</span>
<span class="n">enabled</span><span class="o">=</span><span class="mi">1</span>
<span class="n">gpgcheck</span><span class="o">=</span><span class="mi">1</span>
<span class="nb">type</span><span class="o">=</span><span class="n">rpm</span><span class="o">-</span><span class="n">md</span>
<span class="n">gpgkey</span><span class="o">=</span><span class="n">https</span><span class="p">:</span><span class="o">//</span><span class="n">download</span><span class="o">.</span><span class="n">ceph</span><span class="o">.</span><span class="n">com</span><span class="o">/</span><span class="n">keys</span><span class="o">/</span><span class="n">release</span><span class="o">.</span><span class="n">asc</span>
<span class="n">EOM</span>
</pre></div>
</div>
</li>
<li><p>更新软件库并安装 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> ：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">yum</span> <span class="n">update</span> <span class="o">&amp;&amp;</span> <span class="n">sudo</span> <span class="n">yum</span> <span class="n">install</span> <span class="n">ceph</span><span class="o">-</span><span class="n">deploy</span>
</pre></div>
</div>
</li>
</ol>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>你也可以从欧洲镜像 eu.ceph.com 下载软件包，只需把 <code class="docutils literal notranslate"><span class="pre">https://download.ceph.com/</span></code> 替换成 <code class="docutils literal notranslate"><span class="pre">http://eu.ceph.com/</span></code>
即可。</p>
</div>
</div>
<div class="section" id="opensuse">
<h3>openSUSE<a class="headerlink" href="#opensuse" title="Permalink to this headline">¶</a></h3>
<p>Ceph 项目现在不给 openSUSE 发布 RPM 了，但是默认的更新库里自带
Ceph 稳定版，所以安装很简单：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">zypper</span> <span class="n">install</span> <span class="n">ceph</span>
<span class="n">sudo</span> <span class="n">zypper</span> <span class="n">install</span> <span class="n">ceph</span><span class="o">-</span><span class="n">deploy</span>
</pre></div>
</div>
<p>如果你的发行版过时了，可以向 <a class="reference external" href="https://bugzilla.opensuse.org/index.cgi">https://bugzilla.opensuse.org/index.cgi</a>
反映，另外也可以试试下面的库：</p>
<ol class="arabic">
<li><p>Hammer:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span>https://software.opensuse.org/download.html?project=filesystems%3Aceph%3Ahammer&amp;package=ceph
</pre></div>
</div>
</li>
<li><p>Jewel:</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span>https://software.opensuse.org/download.html?project=filesystems%3Aceph%3Ajewel&amp;package=ceph
</pre></div>
</div>
</li>
</ol>
</div>
</div>
<div class="section" id="ceph">
<h2>Ceph 节点安装<a class="headerlink" href="#ceph" title="Permalink to this headline">¶</a></h2>
<p>你的管理节点必须能够通过 SSH 无密码地访问各 Ceph 节点。如果 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 以某个普通用户登录，那么这个用户必须有无密码使用 <code class="docutils literal notranslate"><span class="pre">sudo</span></code> 的权限。</p>
<div class="section" id="ntp">
<h3>安装 NTP<a class="headerlink" href="#ntp" title="Permalink to this headline">¶</a></h3>
<p>我们建议把 NTP 服务安装到所有 Ceph 节点上（特别是 Ceph 监视器节点），以免因时钟漂移导致故障，详情见<a class="reference external" href="../../../rados/configuration/mon-config-ref#clock">时钟</a>。</p>
<p>在 CentOS / RHEL 上可执行：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">yum</span> <span class="n">install</span> <span class="n">ntp</span> <span class="n">ntpdate</span> <span class="n">ntp</span><span class="o">-</span><span class="n">doc</span>
</pre></div>
</div>
<p>在 Debian / Ubuntu 上可执行：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">apt</span> <span class="n">install</span> <span class="n">ntp</span>
</pre></div>
</div>
<p>确保在各 Ceph 节点上启动了 NTP 服务，并且要使用同一个 NTP 服务器，详情见 <a class="reference external" href="http://www.ntp.org/">NTP</a> 。</p>
</div>
<div class="section" id="ssh">
<h3>安装 SSH 服务器<a class="headerlink" href="#ssh" title="Permalink to this headline">¶</a></h3>
<p>在<strong>所有</strong> Ceph 节点上执行如下步骤：</p>
<ol class="arabic">
<li><p>在各 Ceph 节点安装 SSH 服务器（如果还没有）：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">apt</span> <span class="n">install</span> <span class="n">openssh</span><span class="o">-</span><span class="n">server</span>
</pre></div>
</div>
<p>或者</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">yum</span> <span class="n">install</span> <span class="n">openssh</span><span class="o">-</span><span class="n">server</span>
</pre></div>
</div>
</li>
<li><p>确保<strong>所有</strong> Ceph 节点上的 SSH 服务器都在运行。</p></li>
</ol>
</div>
<div class="section" id="id2">
<h3>创建部署 Ceph 的用户<a class="headerlink" href="#id2" title="Permalink to this headline">¶</a></h3>
<p><code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 工具必须以普通用户登录，且此用户拥有无密码使用 <code class="docutils literal notranslate"><span class="pre">sudo</span></code> 的权限，因为它需要安装软件及配置文件，中途不能输入密码。</p>
<p>较新版的 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 支持用 <code class="docutils literal notranslate"><span class="pre">--username</span></code> 选项提供可无密码使用 <code class="docutils literal notranslate"><span class="pre">sudo</span></code> 的用户名（包括 <code class="docutils literal notranslate"><span class="pre">root</span></code> ，虽然<strong>不建议</strong>这样做）。要用 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span> <span class="pre">--username</span> <span class="pre">{username}</span></code> 命令，指定的用户必须能够通过无密码 SSH 连接到 Ceph 节点，因为 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 不支持中途输入密码。</p>
<p>我们建议在集群内的<strong>所有</strong> Ceph 节点上都给 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 创建一个普通用户（但<strong>不要</strong>用 “ceph” 这个名字），全集群统一的用户名可简化操作（非必需），然而你应该避免使用知名用户名，因为黑帽子们会用它做暴力破解（如 <code class="docutils literal notranslate"><span class="pre">root</span></code> 、 <code class="docutils literal notranslate"><span class="pre">admin</span></code> 、 <code class="docutils literal notranslate"><span class="pre">{productname}</span></code> ）。后续步骤描述了如何创建无 <code class="docutils literal notranslate"><span class="pre">sudo</span></code> 密码的用户，你要用自己取的名字取代 <code class="docutils literal notranslate"><span class="pre">{username}</span></code> 。</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>从 <a class="reference internal" href="../../../releases/infernalis/#infernalis-release-notes"><span class="std std-ref">Infernalis 版</span></a>起，用户名 “ceph” 保留给了 Ceph 守护进程。如果 Ceph 节点上已经有了 “ceph” 用户，升级前必须先删掉这个用户。</p>
</div>
<ol class="arabic">
<li><p>在各 Ceph 节点创建新用户。</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">ssh</span> <span class="n">user</span><span class="nd">@ceph</span><span class="o">-</span><span class="n">server</span>
<span class="n">sudo</span> <span class="n">useradd</span> <span class="o">-</span><span class="n">d</span> <span class="o">/</span><span class="n">home</span><span class="o">/</span><span class="p">{</span><span class="n">username</span><span class="p">}</span> <span class="o">-</span><span class="n">m</span> <span class="p">{</span><span class="n">username</span><span class="p">}</span>
<span class="n">sudo</span> <span class="n">passwd</span> <span class="p">{</span><span class="n">username</span><span class="p">}</span>
</pre></div>
</div>
</li>
<li><p>确保各 Ceph 节点上新创建的用户都有 <code class="docutils literal notranslate"><span class="pre">sudo</span></code> 权限。</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">echo</span> <span class="s2">&quot;</span><span class="si">{username}</span><span class="s2"> ALL = (root) NOPASSWD:ALL&quot;</span> <span class="o">|</span> <span class="n">sudo</span> <span class="n">tee</span> <span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">sudoers</span><span class="o">.</span><span class="n">d</span><span class="o">/</span><span class="p">{</span><span class="n">username</span><span class="p">}</span>
<span class="n">sudo</span> <span class="n">chmod</span> <span class="mi">0440</span> <span class="o">/</span><span class="n">etc</span><span class="o">/</span><span class="n">sudoers</span><span class="o">.</span><span class="n">d</span><span class="o">/</span><span class="p">{</span><span class="n">username</span><span class="p">}</span>
</pre></div>
</div>
</li>
</ol>
</div>
<div class="section" id="id3">
<h3>允许无密码 SSH 登录<a class="headerlink" href="#id3" title="Permalink to this headline">¶</a></h3>
<p>正因为 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 不支持输入密码，你必须在管理节点上生成 SSH 密钥并把其公钥散布到各 Ceph 节点。 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 会尝试给初始监视器们生成 SSH 密钥对。</p>
<ol class="arabic">
<li><p>生成 SSH 密钥对，但不要用 <code class="docutils literal notranslate"><span class="pre">sudo</span></code> 或 <code class="docutils literal notranslate"><span class="pre">root</span></code> 用户。口令为空：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">ssh</span><span class="o">-</span><span class="n">keygen</span>

<span class="n">Generating</span> <span class="n">public</span><span class="o">/</span><span class="n">private</span> <span class="n">key</span> <span class="n">pair</span><span class="o">.</span>
<span class="n">Enter</span> <span class="n">file</span> <span class="ow">in</span> <span class="n">which</span> <span class="n">to</span> <span class="n">save</span> <span class="n">the</span> <span class="n">key</span> <span class="p">(</span><span class="o">/</span><span class="n">ceph</span><span class="o">-</span><span class="n">admin</span><span class="o">/.</span><span class="n">ssh</span><span class="o">/</span><span class="n">id_rsa</span><span class="p">):</span>
<span class="n">Enter</span> <span class="n">passphrase</span> <span class="p">(</span><span class="n">empty</span> <span class="k">for</span> <span class="n">no</span> <span class="n">passphrase</span><span class="p">):</span>
<span class="n">Enter</span> <span class="n">same</span> <span class="n">passphrase</span> <span class="n">again</span><span class="p">:</span>
<span class="n">Your</span> <span class="n">identification</span> <span class="n">has</span> <span class="n">been</span> <span class="n">saved</span> <span class="ow">in</span> <span class="o">/</span><span class="n">ceph</span><span class="o">-</span><span class="n">admin</span><span class="o">/.</span><span class="n">ssh</span><span class="o">/</span><span class="n">id_rsa</span><span class="o">.</span>
<span class="n">Your</span> <span class="n">public</span> <span class="n">key</span> <span class="n">has</span> <span class="n">been</span> <span class="n">saved</span> <span class="ow">in</span> <span class="o">/</span><span class="n">ceph</span><span class="o">-</span><span class="n">admin</span><span class="o">/.</span><span class="n">ssh</span><span class="o">/</span><span class="n">id_rsa</span><span class="o">.</span><span class="n">pub</span><span class="o">.</span>
</pre></div>
</div>
</li>
<li><p>把公钥拷贝到各 Ceph 节点，把下列命令中的 <code class="docutils literal notranslate"><span class="pre">{username}</span></code> 替换成前面<a class="reference internal" href="#id2">创建部署 Ceph 的用户</a>里的用户名。</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">ssh</span><span class="o">-</span><span class="n">copy</span><span class="o">-</span><span class="nb">id</span> <span class="p">{</span><span class="n">username</span><span class="p">}</span><span class="nd">@node1</span>
<span class="n">ssh</span><span class="o">-</span><span class="n">copy</span><span class="o">-</span><span class="nb">id</span> <span class="p">{</span><span class="n">username</span><span class="p">}</span><span class="nd">@node2</span>
<span class="n">ssh</span><span class="o">-</span><span class="n">copy</span><span class="o">-</span><span class="nb">id</span> <span class="p">{</span><span class="n">username</span><span class="p">}</span><span class="nd">@node3</span>
</pre></div>
</div>
</li>
<li><p>（ 推荐做法）修改 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 管理节点上的 <code class="docutils literal notranslate"><span class="pre">~/.ssh/config</span></code> 文件，这样 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 就能用你所建的用户名登录 Ceph 节点了，无需每次执行 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 都指定 <code class="docutils literal notranslate"><span class="pre">--username</span> <span class="pre">{username}</span></code> 。这样做同时也简化了 <code class="docutils literal notranslate"><span class="pre">ssh</span></code> 和 <code class="docutils literal notranslate"><span class="pre">scp</span></code> 的用法。把 <code class="docutils literal notranslate"><span class="pre">{username}</span></code> 替换成你创建的用户名。</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">Host</span> <span class="n">node1</span>
   <span class="n">Hostname</span> <span class="n">node1</span>
   <span class="n">User</span> <span class="p">{</span><span class="n">username</span><span class="p">}</span>
<span class="n">Host</span> <span class="n">node2</span>
   <span class="n">Hostname</span> <span class="n">node2</span>
   <span class="n">User</span> <span class="p">{</span><span class="n">username</span><span class="p">}</span>
<span class="n">Host</span> <span class="n">node3</span>
   <span class="n">Hostname</span> <span class="n">node3</span>
   <span class="n">User</span> <span class="p">{</span><span class="n">username</span><span class="p">}</span>
</pre></div>
</div>
</li>
</ol>
</div>
<div class="section" id="id4">
<h3>引导时联网<a class="headerlink" href="#id4" title="Permalink to this headline">¶</a></h3>
<p>Ceph 的各 OSD 进程通过网络互联并向监视器集群报告，如果网络默认为 <code class="docutils literal notranslate"><span class="pre">off</span></code> ，那么 Ceph 集群就不能在启动时就上线，直到打开网络。</p>
<p>某些发行版（如 CentOS ）默认关闭网络接口，故此需确保网卡在系统启动时都能启动，这样 Ceph 守护进程才能通过网络互联。例如，在 Red Hat 和 CentOS 上，需进入 <code class="docutils literal notranslate"><span class="pre">/etc/sysconfig/network-scripts</span></code> 目录并确保 <code class="docutils literal notranslate"><span class="pre">ifcfg-{iface}</span></code> 文件中的 <code class="docutils literal notranslate"><span class="pre">ONBOOT</span></code> 设置成了 <code class="docutils literal notranslate"><span class="pre">yes</span></code> 。</p>
</div>
<div class="section" id="id5">
<h3>确保联通性<a class="headerlink" href="#id5" title="Permalink to this headline">¶</a></h3>
<p>用 <code class="docutils literal notranslate"><span class="pre">ping</span></code> 短主机名（ <code class="docutils literal notranslate"><span class="pre">hostname</span> <span class="pre">-s</span></code> ）的方式确认网络没问题，解决掉可能存在的主机名解析问题。</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>主机名应该解析为网络 IP 地址，而非回环接口 IP 地址（即主机名应该解析成非 <code class="docutils literal notranslate"><span class="pre">127.0.0.1</span></code> 的IP地址）。如果你的管理节点同时也是一个 Ceph 节点，也要确认它能正确解析主机名和 IP 地址（即非回环 IP 地址）。</p>
</div>
</div>
<div class="section" id="id6">
<h3>放通所需端口<a class="headerlink" href="#id6" title="Permalink to this headline">¶</a></h3>
<p>Ceph 监视器之间默认用 <code class="docutils literal notranslate"><span class="pre">6789</span></code> 端口通信， OSD 之间默认用 <code class="docutils literal notranslate"><span class="pre">6800:7300</span></code> 这个范围内的端口通信。详情见<a class="reference external" href="../../../rados/configuration/network-config-ref">网络配置参考</a>。 Ceph OSD 能利用多个网络连接与客户端、监视器、其他副本 OSD 、其它心跳 OSD 分别进行通信。</p>
<p>某些发行版（如 RHEL ）的默认防火墙配置非常严格，你得调整防火墙，允许相应的入栈请求，这样客户端才能与 Ceph 节点通信。</p>
<p>对于 RHEL 7 上的 <code class="docutils literal notranslate"><span class="pre">firewalld</span></code> ，可把服务加入公共域，监视器节点上应该加 <code class="docutils literal notranslate"><span class="pre">ceph-mon</span></code> 服务、 OSD 和 MDS 上加 <code class="docutils literal notranslate"><span class="pre">ceph</span></code> 服务，并且要配置为永久规则，这样重启后规则仍有效。</p>
<p>例如，在监视器上：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">firewall</span><span class="o">-</span><span class="n">cmd</span> <span class="o">--</span><span class="n">zone</span><span class="o">=</span><span class="n">public</span> <span class="o">--</span><span class="n">add</span><span class="o">-</span><span class="n">service</span><span class="o">=</span><span class="n">ceph</span><span class="o">-</span><span class="n">mon</span> <span class="o">--</span><span class="n">permanent</span>
</pre></div>
</div>
<p>在 OSD 和 MDS 主机上：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">firewall</span><span class="o">-</span><span class="n">cmd</span> <span class="o">--</span><span class="n">zone</span><span class="o">=</span><span class="n">public</span> <span class="o">--</span><span class="n">add</span><span class="o">-</span><span class="n">service</span><span class="o">=</span><span class="n">ceph</span> <span class="o">--</span><span class="n">permanent</span>
</pre></div>
</div>
<p>加 <code class="docutils literal notranslate"><span class="pre">--permanent</span></code> 选项配置完 firewalld 后，无需重启就可以让它立即生效：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">firewall</span><span class="o">-</span><span class="n">cmd</span> <span class="o">--</span><span class="n">reload</span>
</pre></div>
</div>
<p>若用 <code class="docutils literal notranslate"><span class="pre">iptables</span></code> 命令，要放通 Ceph 监视器所用的 <code class="docutils literal notranslate"><span class="pre">6789</span></code> 端口和 OSD 所用的 <code class="docutils literal notranslate"><span class="pre">6800:7300</span></code> 端口范围，命令如下：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">iptables</span> <span class="o">-</span><span class="n">A</span> <span class="n">INPUT</span> <span class="o">-</span><span class="n">i</span> <span class="p">{</span><span class="n">iface</span><span class="p">}</span> <span class="o">-</span><span class="n">p</span> <span class="n">tcp</span> <span class="o">-</span><span class="n">s</span> <span class="p">{</span><span class="n">ip</span><span class="o">-</span><span class="n">address</span><span class="p">}</span><span class="o">/</span><span class="p">{</span><span class="n">netmask</span><span class="p">}</span> <span class="o">--</span><span class="n">dport</span> <span class="mi">6789</span> <span class="o">-</span><span class="n">j</span> <span class="n">ACCEPT</span>
</pre></div>
</div>
<p>配置好 <code class="docutils literal notranslate"><span class="pre">iptables</span></code> 之后要保存配置，这样重启之后才依然有效。例如：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="o">/</span><span class="n">sbin</span><span class="o">/</span><span class="n">service</span> <span class="n">iptables</span> <span class="n">save</span>
</pre></div>
</div>
</div>
<div class="section" id="tty">
<h3>终端（ TTY ）<a class="headerlink" href="#tty" title="Permalink to this headline">¶</a></h3>
<p>在 CentOS 和 RHEL 上执行 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 命令时，如果你的 Ceph 节点默认设置了 <code class="docutils literal notranslate"><span class="pre">requiretty</span></code> 那就会遇到报错。可以这样禁用它，执行 <code class="docutils literal notranslate"><span class="pre">sudo</span> <span class="pre">visudo</span></code> ，找到 <code class="docutils literal notranslate"><span class="pre">Defaults</span> <span class="pre">requiretty</span></code> 选项，把它改为 <code class="docutils literal notranslate"><span class="pre">Defaults:ceph</span> <span class="pre">!requiretty</span></code> 或者干脆注释掉，这样 <code class="docutils literal notranslate"><span class="pre">ceph-deploy</span></code> 就可以用之前创建的用户（<a class="reference internal" href="#id2">创建部署 Ceph 的用户</a> ）连接了。</p>
<div class="admonition note">
<p class="admonition-title">Note</p>
<p>编辑配置文件 <code class="docutils literal notranslate"><span class="pre">/etc/sudoers</span></code> 时，必须用 <code class="docutils literal notranslate"><span class="pre">sudo</span> <span class="pre">visudo</span></code> 而不是文本编辑器。</p>
</div>
</div>
<div class="section" id="selinux">
<h3>SELinux<a class="headerlink" href="#selinux" title="Permalink to this headline">¶</a></h3>
<p>在 CentOS 和 RHEL 上， SELinux 默认开启为 <code class="docutils literal notranslate"><span class="pre">Enforcing</span></code> 。为简化安装，我们建议把 SELinux 设置为 <code class="docutils literal notranslate"><span class="pre">Permissive</span></code> 或者完全禁用，也就是在加固系统配置前先确保集群的安装、配置没问题。用下列命令把 SELinux 设置为 <code class="docutils literal notranslate"><span class="pre">Permissive</span></code> ：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">setenforce</span> <span class="mi">0</span>
</pre></div>
</div>
<p>要使 SELinux 配置永久生效（如果它确是问题根源），需修改其配置文件 <code class="docutils literal notranslate"><span class="pre">/etc/selinux/config</span></code> 。</p>
</div>
<div class="section" id="id7">
<h3>优先级或首选项<a class="headerlink" href="#id7" title="Permalink to this headline">¶</a></h3>
<p>确保你的包管理器安装了优先级或首选项包、且已启用。在 CentOS 上你也许得安装 EPEL ，在 RHEL 上你也许得启用可选软件库。</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">yum</span> <span class="n">install</span> <span class="n">yum</span><span class="o">-</span><span class="n">plugin</span><span class="o">-</span><span class="n">priorities</span>
</pre></div>
</div>
<p>比如在 RHEL 7 服务器上，可用下列命令安装 <code class="docutils literal notranslate"><span class="pre">yum-plugin-priorities</span></code>并启用 <code class="docutils literal notranslate"><span class="pre">rhel-7-server-optional-rpms</span></code> 软件库：</p>
<div class="highlight-default notranslate"><div class="highlight"><pre><span></span><span class="n">sudo</span> <span class="n">yum</span> <span class="n">install</span> <span class="n">yum</span><span class="o">-</span><span class="n">plugin</span><span class="o">-</span><span class="n">priorities</span> <span class="o">--</span><span class="n">enablerepo</span><span class="o">=</span><span class="n">rhel</span><span class="o">-</span><span class="mi">7</span><span class="o">-</span><span class="n">server</span><span class="o">-</span><span class="n">optional</span><span class="o">-</span><span class="n">rpms</span>
</pre></div>
</div>
</div>
</div>
<div class="section" id="id8">
<h2>总结<a class="headerlink" href="#id8" title="Permalink to this headline">¶</a></h2>
<p>快速入门的飞前部分到此结束，请继续<a class="reference external" href="../quick-ceph-deploy">存储集群快速入门</a>。</p>
</div>
</div>



           </div>
           
          </div>
          <footer>
    <div class="rst-footer-buttons" role="navigation" aria-label="footer navigation">
        <a href="../quick-ceph-deploy/" class="btn btn-neutral float-right" title="存储集群入门" accesskey="n" rel="next">Next <span class="fa fa-arrow-circle-right" aria-hidden="true"></span></a>
        <a href="../" class="btn btn-neutral float-left" title="安装 (ceph-deploy)" accesskey="p" rel="prev"><span class="fa fa-arrow-circle-left" aria-hidden="true"></span> Previous</a>
    </div>

  <hr/>

  <div role="contentinfo">
    <p>
        &#169; Copyright 2016, Ceph authors and contributors. Licensed under Creative Commons Attribution Share Alike 3.0 (CC-BY-SA-3.0).

    </p>
  </div> 

</footer>
        </div>
      </div>

    </section>

  </div>
  

  <script type="text/javascript">
      jQuery(function () {
          SphinxRtdTheme.Navigation.enable(true);
      });
  </script>

  
  
    
   

</body>
</html>